[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Cert comparison needs AI?

To: "'J D Brooks'" <jbrooks@xxxxxxxxxxxxxxxx>, "ietf-pkix@xxxxxxx" <ietf-pkix@xxxxxxx>, "list@xxxxxxxxxxxxxxxxx" <list@xxxxxxxxxxxxxxxxx>
Subject: RE: Cert comparison needs AI?
From: Anders Rundgren <anders.rundgren@xxxxxxxxxx>
Date: Tue, 15 Feb 2000 14:05:12 +0100

J D,

>But isn't it the responsibility of the certificate issuing authority to
>ensure two qualified certificates never refer to the same physical entity?

It definitely should, but apparently the concept of unmistakable identity has different
meaning to different people.  As unmistakable identity is the core of Qualified Certificates
it is really sad that so little has been done to penetrate this area.

IMO QC-03 guarantees that the limited interoperability offered by current PKI solutions (*) is preserved.

(*) Lotus Notes do not accept any X509 certificates except its own according to a recent
study by Swedish Police Authorities

(*) Win2K kerberos authentication only accepts its own X509 certificates according to
a well-known PKI evangelist in another mailing list

Anders

Prev by Date: RE: QC: Identification confusion continues
Next by Date: RE: Cert comparison needs AI?
Previous by thread: RE: Cert comparison needs AI?
Next by thread: RE: Cert comparison needs AI?
Index(es):
- Date
- Thread